Abstract: Provided is an information storage device including a storage unit configured to store encrypted content and an encryption key to be applied to decryption of the encrypted content, wherein the storage unit stores a converted encryption key generated through an arithmetic operation of the encryption key and an electronic signature that is constituent data of an encrypted content signature file set corresponding to the encrypted content, wherein the electronic signature is an electronic signature for data that includes constituent data of the encrypted content and the encryption key, and wherein a reproduction device configured to read the encrypted content from the storage unit and execute a decryption process is able to be caused to perform acquisition of the encryption key through an arithmetic operation of applying the electronic signature to the converted encryption key.

Abstract: A computer-implemented method for trusting digitally signed files in the absence of verifiable signature conditions may include (1) receiving, from an agent on at least one endpoint device, signature information that indicates that a file encountered by the endpoint device has been digitally signed, (2) generating, based at least in part on the signature information received from the endpoint device, a reputation for the file that indicates the file's trustworthiness, (3) receiving a request from an additional agent for reputation information for the file, and (4) sending, in response to receiving the request, the reputation for the file to the additional agent to enable the additional agent to determine the trustworthiness of the file in the absence of verifiable signature conditions. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: Some embodiments provide a physical forwarding element that hashes portions of packet headers using several novel hashing techniques. The techniques include a novel set of finishing operations that improve the quality of resulting hashes by increasing their distribution and improving their apparent-randomness. In addition, the finishing operations virtually guarantee that different length inputs will hash to different results, even when padded to be the same initial values. The techniques also include efficient handling of remainder sections when distributing sections of a hash input across multiple processing units. The remainders are hashed into various previously generated hashes based on how many remainders result. These hashing techniques are useful for many network applications.

Abstract: A presentation system and method is disclosed for presenting a presentation via a communications network. The presentation system includes one or more client nodes structured to receive presentation data. One or more leader stations of the presentation is structured to control content of the presentation data at the one or more client nodes, and one or more content server sites is structured to provide the presentation data to the one or more client nodes. The presentation system further includes one or more content managers structured to manage the delivery of the presentation data to the one or more content server sites and verify that the presentation data is operable to being presented at the one or more client nodes.

Abstract: A network device comprises a storage device storing an application program for a secure communications service, and at least one processor configured to execute the application program for the secure communications service so as to enable the network device to send a request to look up a network address of a second device based on an identifier associated with the second device, receive an indication that the second device is available for the secure communications service, the indication including the requested network address and provisioning information for a secure communication link, connect to the second device over the secure communication link, using the received network address of the second device and the provisioning information for the secure communication link, and communicate at least one of video data and audio data with the second device using the secure communications service via the secure communication link.

Abstract: Disclosed is a method and system for transmitting data. The system includes at least one first stationary and/or mobile communication terminal at least one further second communication terminal and a switching unit reachable by all communication terminals via a data network. The communication terminals send data to the switching unit, which data are encrypted with a symmetric encryption method, and send the symmetric key encrypted with a public key of a key pair to the switching unit, so that the same can send it to other communication terminals, which in possession of an associated private key then are capable of accessing the information stored at the switching unit and decrypt the same.

Abstract: A device, method, and an action figure toy for implementing encrypted content for implementation in a game are disclosed. The encrypted content may relate to physical objects, such as action figure toys corresponding movie characters and/or any other physical objects. Such content may be encrypted separately and distinctively during a development stage of the game. Decryption information for decrypting the encrypted content may be stored on and distributed with corresponding physical objects. A set of encrypted content associated with such a physical object may be decrypted upon presence of the physical object detected by a reader configured to read information stored on the physical object and responsive to receiving the decryption key stored on the physical object. The decrypted content may be implemented in the game responsive to the presence of the physical object on the reader.

Abstract: The content-aware application switch and methods thereof intelligently switch client packets to one server among a group of servers in a server farm. The switch uses Layer 7 or application content parsed from a packet to help select the server and to schedule the transmitting of the packet to the server. This enables refined load-balancing and Quality of-Service control tailored to the application being switched. In an exemplary embodiment of the invention, a method includes maintaining a server load metric for each server in a group of servers; parsing application content from a packet; selecting a destination server from the group of servers, wherein selecting the destination server is dependent on the server load metric for each server, assigning a priority to the packet, the priority being dependent on the application content; and dropping the packet if the priority comprises at least one of a predetermined type.

Abstract: Methods and systems are described for secure delivery of a content item from at least a first content distribution network (CDN1) to at least one content receiving entity using a split-key cryptosystem comprising encryption and decryption algorithms E and D, a cipher algorithm for generating encryption and decryption keys e,d on the basis of secret information S and a split-key algorithm using secret information S for splitting e into i different split-encryption keys e1, e2, . . . , ei and/or for splitting d into k different split-decryption keys d1, d2, . . . , dk respectively, such that Ddk(Ddk-1( . . . (Dd2(Dd1(Eei(Eei-1( . . . (Ee2(Ee1(X)) . . . ))=Ddk(Ddk-1( . . . (Dd2(Dd1(Xe1, e2, . . . , ei))=X wherein i,k?1 and i+k>2.

Abstract: The described implementations relate to processing of electronic data. One implementation is manifest as a system that can include an event analysis component and one or more processing devices configured to execute the event analysis component. The event analysis component can be configured to obtain multiple events that are generated by network devices in a networking environment. The event analysis component can also be configured to identify impactful events from the multiple events. The impactful events can have associated device-level or link-level impacts. The event analysis component can also be configured to determine one or more failure metrics for an individual impactful event. The one or more failure metrics can include at least a first redundancy-related failure metric associated with redundant failovers in the networking environment.

Abstract: A method for encrypting data on a disk drive using self encrypting drive is provided. The method includes encryption of data chunks of a computing device. The method further includes associating the encrypted data chunks with encryption key indexes of the computing device. Moreover, the method further includes receiving the encryption key indexes for given logical block addresses of the data chunks. The method further includes determining the encryption keys to be used to encrypt the data chunks based on the encryption key indexes of the data chunks to the disk drive.

Abstract: Methods and systems for providing content are disclosed. One method can comprise receiving a request for content comprising at least a first segment. The method can also comprise determining an expiration condition of the first segment, and replacing the first segment with a second segment based on the expiration condition. The method can also comprise providing the second segment to a user or a device.

Abstract: Files associated with the operation of gateway and client devices in a network may be downloaded with minimal operator intervention. Accordingly, a method includes receiving data including a first file, a first authentication element, and a second authentication element, the first authentication element being unique to a client device associated with the gateway device. The method also includes determining if the second authentication element is valid for the gateway device and storing the first authentication element and the second file for the client device if the second authentication element is valid for the gateway device. An apparatus includes a receiver that receives data, a processor that determines if the second authentication element is valid for the gateway device, and a memory that stores the first authentication element and a portion of the data for the client device if the second authentication element is valid for the gateway device.

Abstract: In the described embodiments, a connection data exchange (“CDX”) service serves as an exchange point for connection data for establishing peer-to-peer (“P2P”) connections between devices. During operation, the CDX service can receive a connection data structure (a “ticket”) that was created by a matchmaker or an invitation service in response to requests from devices attempting to establish P2P connections. Each ticket can identify a corresponding device and can include encrypted NAT hole-punch data associated with the corresponding device. The CDX service can authenticate each ticket and decrypt the NAT hole punch data from the ticket using a corresponding key. The CDX service can then use corresponding NAT hole punch data to send connection data to each of the devices that reside behind NAT devices.

Abstract: A remote media server provides a resource identifier to a digital media controller. A digital media controller passes this resource identifier to a digital media renderer. The digital media renderer launches an application that processes the resource identifier to access the remote media server and play back the media. Playback is responsive to controls from the digital media controller. The digital media renderer can play back media identified by the digital media controller, but that is encoded and protected in a manner specific to the digital media renderer. The digital media controller can shut down or become dormant to save battery power without affecting playback by the digital media renderer. By providing the information about available applications from the digital media renderer to the digital media controller, the digital media controller can reliably send resource identifiers for which applications are available the digital media renderer.

Abstract: Routing of content, including: receiving a request to access a content item from a device; determining at least one of status, location, and format of the content item; and planning a procedure to fulfill the request to access the content item, wherein the procedure includes a method and a route.

Abstract: In some embodiments, a processor-based system may include a processor, the processor having a processor identification, one or more electronic components coupled to the processor, at least one of the electronic components having a component identification, and a hardware security component coupled to the processor and the electronic component. The hardware security component may include a secure non-volatile memory and a controller. The controller may be configured to receive the processor identification from the processor, receive the at least one component identification from the one or more electronic components, and determine if a boot of the processor-based system is a provisioning boot of the processor-based system. If the boot is determined to be the provisioning boot, the controller may be configured to store a security code in the secure non-volatile memory, wherein the security code is based on the processor identification and the at least one component identification.

Abstract: In one aspect, a computer-implemented method for providing individualized portable asset applications may generally include providing access to a master geospatial asset and receiving a user input associated with generating a portable geospatial asset based on the master geospatial asset, wherein the portable geospatial asset corresponds to a data subset of the master geospatial asset. The method may also include generating the portable geospatial asset based on the user input and embedding the portable geospatial asset within an asset application, wherein the asset application includes computer-readable instructions for rendering the portable geospatial asset. In addition, the method may include transmitting the asset application containing the portable geospatial asset to a separate computing device.

Abstract: Virtual machines within a network computing environment negotiate among themselves with regard to the sharing of resources via respective resource managers. The resource agent monitors resource allocation patterns of its virtual machine and responsively updates usage data in a resource availability map and compares the updated usage data to a minimum operational requirements threshold and a surplus amount threshold. If the updated usage fails to meet the minimum operational requirements threshold, the resource agent determines a needed shortfall amount of resources, searches the resource availability map for offers of the shortfall from resource agents, and sends out a request to a resource agent offering the shortfall amount. If the updated usage data meets the minimum operational requirements threshold, the resource agent determines a surplus amount of a resource that exceeds the surplus amount threshold and creates and broadcasts an offer of the surplus amount to the other resource agents.

Abstract: A system for providing Video-on-Demand (VOD) service in a network includes a plurality of user devices and a server. Activation of an allowed transmission mode or a peer-to-peer transmission mode is dependent on whether a peer-to-peer transmission function of a first user device of the user devices is limited or not. The first user device calculates respective transmission rates of the two transmission modes to determine their respective download ranges. The transmission mode having a higher transmission speed downloads data close to a start of the target data and another transmission mode having a lower transmission speed downloads data close to an end of the target data. Based on the target data temporarily stored in other user devices, the first user device assigns each of the two transmission modes a download sequence of a plurality of clips of the target data to download the clips of the target data.